The other week I was in England discussing with a client the question of Data Protection and the difference between Romania and England.
Data Protection has been a hot topic in the Western half of the European Union as well as the USA for some time now, and is now having a bigger impact in Eastern Europe. So what is the position in Romania? You ask many people about data protection in Romania and they will not know what you mean. They are not aware that Romania has a Data Protection Law which came into being in 2001 although it was modified in 2012.
The one area of business in which people are aware of data protection requirements is in the field of human resources, as this is an obvious field. You keep details of your employees, their names and addresses and other personal information on file electronically. There are however rules concerning the collection and use of personal data.
The employee must consent to you collecting the data and at the same time they must know the reason for the collection. Obvious in the field of employment. The data can then only be used for the reason for which it is collected. If it is not then the person who holds the information can be fined. It is also forgotten by many people that the person whose information has been collected electronically can request that information and if there is an error the collector is obliged to change that information. Failure to supply the information could result in a complaint to the Data Protection Agency and if found guilty of an offense, a fine.
Information is also collected in other ways without people being aware that they are subject to the law. The e-business site which sells products also collects information and is subject to the Data protection law. Are they aware of the risks they are running?
To protect yourself it is very easy to register with the Romanian Data Protection Agency. This registration will require some work as you need to produce a data protection policy and ensure that the person who gives the information is aware that you are collecting this information. All users of electronic data should make sure that their policy is up to date.
The question about data protection came out of an enquiry about transferring data abroad, in this case outside the European Union. Many companies in Romania are subsidiaries of foreign companies. The transfer of electronic data between head office and its branch is common place and can occur many times in a year, but many companies have not registered this transfer with the Data Protection Agency.
All sounds very harmless, but as awareness of data protection laws and the use that data becomes more common Romanian companies cannot afford to ignore the consequences.
I have worked in Romania for 16 years, not as a lawyer which is my profession, but managing an NGO for disabled children. If you have been working there for 20 years in business and legal affairs you surely understand the answer to your own question. The answer is both basic and simple and also profound beyond the experience of most other nationalities experience to understand.
Nothing that comes from Bucharest is assumed to be for the peoples benefit. No law concerning data rights or any other proprietary concern will have any success or validity until two things happen:
1. The corrupt bases for all business and government is actually and finally changed to support and encourage business and not to take advantage of it. Most business operates within an aura of blackmarket corruption and government complicity. Let’s just imagine for our exercise here that we can wave a magic wand and replace the black marketeers, politicians on the take, mafia and organized crime all with legitimate Romanian and Foreign business interests. Then the second factor come into play.
2. Romanian’s mind set has to change radically. If you are a Romanian business manager for a foreign corporation, you are still Romanian and you are culturally conditioned to trust no one and to question every motive. Change 1 has to happen, and then it will be another generation of Romanian local management before anyone believes it.
However, one has not happened. Number 2 is going in the wrong direction, western business looking for markets in Romania are becoming just as corrupt as all the domestic businesses. I have probably worked there too long, become too cynical, more like Romanians. So you should recognize this closing remark. ” When will it change? Maybe soon. Maybe tomorrow. May be next year. Who knows! „
Jerry, having worked here for over 20 years I have seen some good and bad changes. It is not as bad as you try and point out. Sure there is corruption but in those twenty years I have not paid any monies or done a favour to run my business. In the private field business to business is clean. Perhaps cleaner than other countries. I honestly do not think Romania is any worse or better than any other country in this stage of development.
I agree with you that things will get better and I am encouraged by the young lawyers and business people whom I meet who by and large want a clean transparent business environment at all levels. The more foreign business that come and invest in Romania the quicker the process will take and Romania will move up the scale of countries were corruption is on the decrease. You need to look at things objectively. For corruption at many levels you only have to look at the US and the UK.
Jerry, I am a Romanian living and running a business in the UK and I cannot agree with your statement – ‘[…] you are culturally conditioned to trust no one and to question every motive.’ This is never a good mindset. I am not saying one should be completely trusting of absolutely anyone you meet, but one cannot run a business by doing the opposite all the time.
Nicholas, regarding data protection in Romania, should one’s home address be protected? The reason I am asking is because I was a bit shocked to discover that a certain institution has published online the addresses of a number of people (mine included) and I know that here in the UK things are different. I was wondering if the Data Protection Law in Romania is similar to the one in the UK.
Jerry, I agree with your comments, except I would add one further comment. In the West (UK) you tend to trust before being proved wrong; in Romania people do not trust until they know you. In reality we are all different and and trust comes when deserved.
On you other point. Romania has adopted the EU legislation and cannot use the data collected without your consent. You can always report them to the Data Protection Commisioner for misue of information. Hope that this helps.
Sorry last commet was addressed to Alina.
Many thanks for your reply, Nicholas. Yes, indeed, trust comes when deserved. But somehow I may have adopted the UK mentality: trust before being proven wrong rather than the opposite.
As for the other matter, thanks for the advice. I’ll definitely look into it.
Problems of mentality are normal and will be actual many years from now, but the direction is good. Local managers need time to compete with those educated in the western countries. All my teachers in the University (I graduated in 1999) were trained during the communism. In that period the word „management” was not even used. Of course now we have access to good quality education programs but change is slow.
Nicholas, will all due respect, I feel the need to see some positive ideas as well. I admit it could be only few, but once in a while you may add such. I do not say this out of patriotism, as accountant and manager I am a victim of the bureaucracy and lack of stability of the fiscal law, I am only trying to be pragmatic. When I first meet a foreign client I do not start with the bad news but with the good news. Thank you
Eduard, Thank you for the observations and comments. Having been here for over 20 years I am a great supporter of Romania as those who have met me know. I did not think the post was negative but motr practical and realistic. I too when I meet new clients give them the good news, but they need the practical side as well. I will bear your comments in mind on all future posts. I am pleased you red the blog and I hope you will comment on future matters. Nicholas
You shared a very interesting concept about data protection thanks for putting this out there, and yes data protection is usually the biggest problem in the workplace.
Chaz, I am pleased that you like my blog. As I said in my blog data protection as you well know will become more of a problem. All companies need to understand the issues involved and then fix them. All this in the name of transparency.